from the putting-privacy-back-into-'no-expectation-of-privacy?' dept

The Seattle Police Department (SPD) held its first-ever hackathon on Friday. The event was focused on a single problem: How to redact the video streams recorded by police officers from their dashcams and (soon) body-worn video cameras.

This hackathon was inspired by a local privacy activist formerly known only by his email address (policevideorequest@gmail.com) and his FOIA request for every Seattle PD body cam recording in perpetuity. By leveraging transparency against privacy, the activist hoped to achieve a better balance of both -- but for a few moments, it looked like the only thing that would suffer damage was accountability. The expansive request caused the city to rethink its decision to put cameras on its cops. Now, the camera program is again moving forward, and with the activist's help.

No completely workable solution presented itself during the five-hour event, but progress was made towards achieving this balance. Many of the projects presented performed automatic blurring of persons encountered by police and offered rudimentary auto-transcription of recorded audio. Timothy Clemans -- the activist who is now working with the police to solve their redaction problem -- has a demonstration of his own prototype hosted at his website. He also voiced his support for police officers and suggested the default settings for FOIA'ed video.

Clemans… stated that most of the work done by police officers is saving lives through CPR or calmly working with drunken or angry citizens, yet the public rarely sees that on video. He also urged a report where all video would be initially over-redacted – essentially the whole frame is blurred – and then the news media or activists could ask for less redacted versions of the video of interest.

Although solid progress was made, there are a few caveats. First, as Marcus Womack of Evidence.com points out, the job can never be solely trusted to an automated process. Anything deemed "sensitive" would still need human review before release. Secondly, many of the tools demonstrated have their own limitations, like text-to-speech programs that only recognize English and the fact that much of the recorded audio is less than pristine.

Finally, whether privacy activists like it or not, there's not going to be a whole lot of redaction happening once the camera program is underway.

Seattle Police officials… admitted that about 90 percent of the video officers create probably needs no redaction at all. That’s because members of the public have no right to expect privacy in their interactions with police, unless they are juveniles or a witness or victim whose safety might be at risk if their identity is known.

Now, we just need the police to remember this 90 percent rule. With the police wearing body cameras and the public carrying cellphones, the playing field is as level as it's going to get. This means whatever lack of privacy the public is expected to deal with goes double for camera-wearing cops -- and this means no intimidation tactics, B.S. obstruction charges or seizing of cameras as "evidence." I only mention this because Seattle's law enforcement officers haven't proven themselves any more accepting of public recording than other PDs around the nation.

But the overall good news is that the body cam program is back on track and the Seattle PD actually seems interested in making it work for the betterment of everyone -- not just those wearing the blue.

The Australian federal police mistakenly published highly sensitive information – including metadata – connected to criminal investigations, in a serious breach of operational security.

Guardian Australia can reveal that the AFP provided documents to the Senate, which were then made publicly available online on parliamentary sites and other sources for several years, and which accidentally disclosed information about the subjects and focus of criminal investigations and telecommunications interception activities.

Not only did the AFP reveal targets (something deemed incredibly sensitive because exposure means targets will change methods, route around surveillance, etc.), thus jeopardizing the safety of the public (or so they say), but they also revealed the names of operatives, thus jeopardizing the always-paramount safety of police personnel.

The spokesman said the information was “hidden behind electronic redactions within the document” and “one phone number and an address could, under certain circumstances, be accessed”.

The actual exposed information was far more extensive than this understatement-delivered-with-an-apology tries to present it.

The information that police disclosed included the address of a target subject to surveillance, the types of criminal investigations and offences being investigated, the names of several AFP officers that are not publicly available and other identifying information including the phone number of an individual connected to an investigation.

The AFP is "truly sorry" about the self-inflicted breach and says it has apologized to "relevant stakeholders" (does this include the target?) but as one senator notes, this doesn't really instill a whole lot of confidence in an agency that is "arguing strenuously for data retention."

The agencies collecting the data can't seriously claim it will always be 100% secure, but most arguing against expanded collections conjecture the exposure will come from the outside, rather than from those collecting it. This shows that the AFP is more infatuated with its surveillance tools than its operational security, as are most agencies in the data collection business. (See also: NSA, Snowden, multiple new leakers.)

Sure, mistakes will happen, but that's one of the many reasons why law enforcement and intelligence agencies need fewer collections and more oversight. Apologizing for exposing targets and officers doesn't really do anything to fix the underlying issue: collecting for collecting's sake and the unearned swagger that accompanies it. These agencies think they can handle more because they've got the ability and the storage, but while strutting around secure in their technical superiority, they're failing Redaction 101 or allowing contractors to head out the door with thousands of sensitive documents.

When outgoing director Robert Mueller told the Senate Judiciary Committee last July that the FBI was in the “initial stages” of developing guidelines for its drone program, a handful of privacy hawks in Congress perked up and requested more details. The FBI released correspondence with three members of Congress—Sen. Rand Paul (R-KY), Rep. Zoe Lofgren (D-CA) and Rep. Ted Poe (R-TX)—in its latest bundle. Paul had already posted in full the FBI’s answers to questions about the scope and purpose of domestic UAV surveillance, but FBI FOIA officers still saw fit to sanitize them.

Here are the two versions of the same document, with the legislator's clean copy up top and the needlessly redacted version sent to Muckrock below it.

The FBI can't even keep track of what it's already sent out in unredacted form, making a mockery of its own paranoiac "but for criminals/terrorism" tendencies. What makes this even more ridiculous is that the inverse happened just a couple of weeks ago, when Tom Coburn called out the DHS for producing drone documents to Congress that were more heavily redacted than the ones it supplied in response to an EFF FOIA request (which were also rather heavily redacted).

For 2010 alone, my staff has tallied at least 20 instances in which the publicly-released documents appear to contain legible passages which are redacted entirely or in large part from the documents DHS provided the Committee. In other words, DHS appears to have chosen to withhold information from Congress which the DOJ -- and, we must assume, DHS -- has determined was appropriate to share with the American public.

Why these agencies even bother redacting anything at this point is inexplicable. There's obviously no rationale behind what gets released and what gets withheld. It's apparently an arbitrary decision made by each individual employee tasked with handling responses to outside queries. The stated concerns about "security" are obviously a sham. The public already has the information they're choosing to redact, which instantly nullifies any justifications given for the redactions.

If the redactions are essentially meaningless, than every redaction should be challenged. We can't see what's behind the black ink and whiteout, so we're expected to assume the info is "sensitive." But it obviously isn't if it can be revealed elsewhere without the security of the nation collapsing. The truth appears to be that no one in charge of redacting documents has any real idea what the fuck they're doing. That calls into question many of the efforts being made in the name of national security, something made even more depressing when you consider the exponential growth of that area of the government over the last 12 years.

Who watches the watchers? Well, we do. And what we're seeing is a bumbling display of ineptitude, propelled by an outsized sense of paranoia -- a bureaucratic farce where the right hand is completely unaware the left hand even exists, much less has any earthly idea what it's up to.